Recently, it is believed that encryption practitioners have been screened by the news that the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned the Tornado Cash protocol. Under the sanctions, U.S. individuals and entities are prohibited from engaging in blockchain or business interactions with Tornado Cash-related addresses or risk criminal liability for violations.
The U.S. Department of the Treasury has been working to expose criminal incidents in the virtual currency ecosystem. The main reason for the sanction of the Tornado Cash agreement is that it has been used to launder more than $7 billion worth of digital currency since its creation in 2019.
In the crypto world, it is indeed not uncommon to see Tornado Cash in the news of the project being hacked. Tornado Cash is a fully decentralized, non-custodial protocol that improves transaction privacy by breaking the on-chain link between source and destination addresses. Specifically, Tornado.Cash uses smart contracts (anonymous pools) that accept token deposits from one address and allow them to withdraw from a different address, and block the deposit address and withdrawal address through zero-knowledge proofs In order to achieve anonymous transactions, the privacy of individual transactions on the chain is protected.
Such a design does provide convenience for hackers. They enter the stolen funds into the smart contract of Tornado.Cash, and use Tornado.Cash's currency mixing technology to hide illegal transactions. Tornado.Cash has almost become the most useful hacker companion.
More than $455 million of the $7 billion in virtual currency laundered from Tornado.Cash was stolen by the Lazarus Group, a state-backed hacking group from the Democratic People's Republic of Korea (DPRK), according to official U.S. Treasury Department sources.
As early as May of this year, the U.S. Department of the Treasury also sanctioned Blender, a currency mixer that helped Lazarus Group hide illegal transactions. It can be seen that such projects have become a thorn in the side of the US Treasury Department.
Numerous crypto projects have suspended cooperation with Tornado Cash following news of the sanctions: Gitcoin, for example, has suspended Tornado Cash grants; GitHub shut down the project’s homepage and blocked developer access; Infura and Alchemy are blocking access to Tornado Cash RPC requests and more. Currently, Toranado front-end official website has been banned from access.
Tornado Cash's Total Volume Locked (TVL) dropped 13% to $400 million on the back of the news. In the secondary market, the price of TORN tokens also plummeted, with a drop of 48%.
Some innocent users were implicated
Facing Tornado Cash being sanctioned, there are many different voices in the market. Many ordinary users called it "indiscriminate sanctions".
From a legal point of view, anyone who interacts with the sanctioned wallet will be punished. Those who have passively received funds from the sanctioned wallet, whether they know it or not, need to be responsible for this, which may implicate the assets of ordinary users.
As Twitter user @TheCryptoDog put it: "So US government agents can send a little ETH via Tornado Cash to anyone's address they don't like, say look what you did, and sanction all their assets?"
It is true that anonymous users send small amounts of ETH to well-known crypto figures for "poisoning attacks" through Tornado Cash.
According to Astaria CTO Joseph Delong (formerly CTO of SushiSwap), the anonymous user was sending 0.1 ETH to a series of crypto wallets, including ENS names as well as crypto wallets associated with celebrities personally.
For example, the anonymous address has sent ETH to EthHub co-founder Anthony Sassano, crypto trader Loomdart, Coinbase CEO Brian Armstrong, crypto artist Beeple, talk show host Jimmy Fallon, and Zuckerberg's sister Randy Zuckerberg.
According to PeckShieldAlert, as of now, about 440 addresses have received 0.1 ETH sent by anonymous users.
Additionally, while there is no way to prevent the incoming of on-chain funds, since Tornado Cash is a sanctioned entity, it is likely that some exchanges and other relevant authorities will freeze any transaction funds sent from Tornado Cash.
For example, the Circle co-founder tweeted that it worked with Coinbase to limit the movement of USDC funds to these sanctioned addresses. Circle froze more than $75,000 worth of funds from sanctions lists. According to Dune data, 81 USDC addresses related to Tornado Cash have been banned.
He said: Yesterday, the U.S. Department of the Treasury requested sanctions on ETH addresses related to Tornado Cash. As a U.S. financial institution regulated by the requirements of the Bank Secrecy Act (BSA), Circle, along with Coinbase, restricted the movement of USDC funds to these sanctioned addresses. It is likely that almost all endorsed crypto asset service providers have also taken steps to prevent customers from transacting with these addresses or face charges of willfully evading US sanctions compliance obligations, which could carry penalties of up to 30 years in prison.
Ethereum co-founder Vitalik Buterin also joined the discussion, and Vitalik Buterin publicly stated a day after the sanctions were announced that he had used Tornado Cash to make private donations to Ukraine. He said it was not to protect himself, but to protect recipients in Ukraine.
As the field of encryption expands, policy makers and regulators are increasingly focusing on it. The U.S. Treasury Department’s sanctions on the Tornado Cash protocol are expected. The threshold for crypto crime. But such a “one size fits all” approach would allow ordinary crypto users to become involved without their knowledge.
Privacy technology may be used by criminals, but this does not mean that privacy technology is original sin. This is not the first collision between the vision of decentralization and centralized regulation, nor will it be the last. New fields require new orders, and innovators and rule makers are also advancing in their groping.
